WastedLocker Ransomware “Most Sophisticated Attack”.

Team Metalogic Dexter's Blog

Ransomware can be better dealt with, if security teams have a better and clear view of suspect behavior on the network. Speaking to Infosecurity, Sophos chief product officer Dan Schiappa and principal research scientist Chester Wisniewski said a lot of issues can be dealt with if they detect how tools are being used in an unpredictable manner. Wisniewski said: “So if you see Powershell …

Share this Post

Cloud Breaches Set to Grow in “Velocity and Scale”

Team Metalogic Dexter's Blog

Cloud breaches are likely to increase in “velocity and scale” due to a prevalence of poor cybersecurity practices in cloud configurations that are creating exposures. This is according to the most recent The State of DevSecOps report by Accurics, which assesses cloud configuration practices that lead to breaches. The study found that 93% of cloud deployments analyzed contained misconfigured services, while 91% of …

Share this Post

Cosmetics Giant Avon Leaks 19 Million Records

Team Metalogic Dexter's Blog

A misconfigured cloud server at global cosmetics brand Avon was recently discovered leaking 19 million records including personal information and technical logs. Researchers at SafetyDetectives led by Anurag Sen told Infosecurity that they found the Elasticsearch database on an Azure server publicly exposed with no password protection or encryption. “The vulnerability effectively means that anyone possessing the server’s IP address could access …

Share this Post

Password Reuse to Blame for Fifth of Account Takeovers

Team Metalogic Dexter's Blog

Email account takeover (ATO) attacks often last for over a week and result from employees reusing passwords across multiple sites, according to new research from Barracuda Networks. The security vendor teamed up with researchers at UC Berkeley to study the lifecycle of email ATO attacks, examining 159 compromised accounts across 111 organizations. The study revealed that attacker dwell time for …

Share this Post

Cloud Misconfigurations a Major Compliance Risk, Say IT Decision Makers

Team Metalogic Dexter's Blog

Cloud misconfigurations are considered a data security risk by 95% of IT decision makers in the UK, according to a new study from Trend Micro. The findings highlight how human error is a major cause of organizations’ compliance problems and is obstructing their digital transformation. Of those who regard cloud misconfiguration as a risk, 41% said it is a “great risk.” For …

Share this Post

Home Distractions a Major Cause of Cybersecurity Errors During Lockdown

Team Metalogic Dexter's Blog

Nearly half (43%) of UK and US employees have made errors leading to cybersecurity repercussions, according to a new study from Tessian. The analysis, undertaken in April during the height of the COVID-19 pandemic, suggests that the disruption and additional stress and distractions of remote working are making organizations more vulnerable to cyber-attacks facilitated by human error. In the survey of …

Share this Post

NCSC Introduces Remote Working Testing Tool for Small Businesses

Team Metalogic Dexter's Blog

An exercise which will enable small businesses to test their cyber resilience while staff work remotely has been launched by the National Cyber Security Center (NCSC). Part of its Exercise in a Box toolkit, the ‘Home and Remote Working’ exercise is aimed at helping SMEs to reduce the risk of data compromise while employees are working remotely. The exercise focuses on three key …

Share this Post

Three-Quarters of UK Businesses Facing Compliance Problems Following Lockdown

Team Metalogic Dexter's Blog

Three-quarters (75%) of UK data protection officers (DPOs) anticipate the Covid-19 lockdown will cause difficulties in meeting data compliance obligations, potentially leading to large fines, according to a study by Guardum. In the survey, 72% of DSOs expect a backlog of data subject access requests (DSARs) upon returning to the office, while 3% are concerned there will be a “mountain” of DSARs …

Share this Post

Twitter data breach: Social engineering attack made a mockery of security controls

Team Metalogic Dexter's Blog

On Thursday morning, millions of Internet users all over the world woke up to the most audacious social engineering campaign ever. Right in front of their eyes, spammers hijacked the Twitter accounts of dozens of global celebrities, and live-tweeted bogus Bitcoin exchange deals with impunity. The blatant social engineering tactic involved hackers taking over the Twitter accounts of Tesla CEO …

Share this Post

99% of UK organisations suffered security breaches in the past one year

Team Metalogic Dexter's Blog

A survey of UK CTOs, CIOs, and CISOs has found that 99% of UK organisations suffered security breaches in the last twelve months with attack volumes increased significantly in the period. The survey, conducted by Opinion Matters and commissioned by VMware Carbon Black, gauged responses from 251 UK CIOs, CTOs, and CISOs from UK organisations on the nature and frequency of cyber …

Share this Post